@pagopa/io-react-native-wallet 1.2.3 → 1.3.0

package/src/credential/presentation/04-retrieve-rp-jwks.ts

@@ -3,6 +3,12 @@ import { hasStatusOrThrow } from "../../utils/misc";
 import { RelyingPartyEntityConfiguration } from "../../entity/trust/types";
 import { decode as decodeJwt } from "@pagopa/io-react-native-jwt";
 import { NoSuitableKeysFoundInEntityConfiguration } from "./errors";
+import { RequestObject } from "./types";
+import {
+  convertCertToPem,
+  parsePublicKey,
+  getSigningJwk,
+} from "../../utils/crypto";
 
 /**
  * Defines the signature for a function that retrieves JSON Web Key Sets (JWKS) from a client.
@@ -16,54 +22,136 @@ export type FetchJwks<T extends Array<unknown> = []> = (...args: T) => Promise<{
 }>;
 
 /**
- * Retrieves the JSON Web Key Set (JWKS) from the specified client's well-known endpoint.
- * It is formed using `{issUrl.base}/.well-known/jar-issuer${issUrl.pah}` as explained in SD-JWT VC issuer metadata section
+ * Fetches and parses JWKS from a given URI.
  *
- * @param requestObjectEncodedJwt - Request Object in JWT format.
- * @param options - Optional context containing a custom fetch implementation.
- * @param options.context - Optional context object.
- * @param options.context.appFetch - Optional custom fetch function to use instead of the global `fetch`.
- * @returns A promise resolving to an object containing an array of JWKs.
- * @throws Will throw an error if the JWKS retrieval fails.
+ * @param jwksUri - The JWKS URI.
+ * @param fetchFn - The fetch function to use.
+ * @returns An array of JWKs.
+ */
+const fetchJwksFromUri = async (
+  jwksUri: string,
+  appFetch: GlobalFetch["fetch"]
+): Promise<JWK[]> => {
+  const jwks = await appFetch(jwksUri, {
+    method: "GET",
+  })
+    .then(hasStatusOrThrow(200))
+    .then((raw) => raw.json())
+    .then((json) => (json.jwks ? JWKS.parse(json.jwks) : JWKS.parse(json)));
+  return jwks.keys;
+};
+
+/**
+ * Retrieves JWKS when the client ID scheme includes x509 SAN DNS.
+ *
+ * @param decodedJwt - The decoded JWT.
+ * @param fetchFn - The fetch function to use.
+ * @returns An array of JWKs.
+ * @throws Will throw an error if no suitable keys are found.
+ */
+const getJwksFromX509Cert = async (certChain: string[]): Promise<JWK[]> => {
+  if (!Array.isArray(certChain) || certChain.length === 0 || !certChain[0]) {
+    throw new NoSuitableKeysFoundInEntityConfiguration(
+      "No RP encrypt key found!"
+    );
+  }
+
+  const pemCert = convertCertToPem(certChain[0]);
+  const publicKey = parsePublicKey(pemCert);
+  if (!publicKey) {
+    throw new NoSuitableKeysFoundInEntityConfiguration(
+      "Unsupported public key type."
+    );
+  }
+  const signingJwk = getSigningJwk(publicKey);
+
+  return [signingJwk];
+};
+
+/**
+ * Constructs the well-known JWKS URL based on the issuer claim.
+ *
+ * @param issuer - The issuer URL.
+ * @returns The well-known JWKS URL.
+ */
+const constructWellKnownJwksUrl = (issuer: string): string => {
+  const issuerUrl = new URL(issuer);
+  return new URL(
+    `/.well-known/jar-issuer${issuerUrl.pathname}`,
+    `${issuerUrl.protocol}//${issuerUrl.host}`
+  ).toString();
+};
+
+/**
+ * Fetches the JSON Web Key Set (JWKS) based on the provided Request Object encoded as a JWT.
+ * The retrieval process follows these steps in order:
+ *
+ * 1. **Direct JWK Retrieval**: If the JWT's protected header contains a `jwk` attribute, it uses this key directly.
+ * 2. **X.509 Certificate Retrieval**: If the protected header includes an `x5c` attribute, it extracts the JWKs from the provided X.509 certificate chain.
+ * 3. **Issuer's Well-Known Endpoint**: If neither `jwk` nor `x5c` are present, it constructs the JWKS URL using the issuer (`iss`) claim and fetches the keys from the issuer's well-known JWKS endpoint.
+ *
+ * The JWKS URL is constructed in the format `{issUrl.base}/.well-known/jar-issuer${issUrl.path}`,
+ * as detailed in the SD-JWT VC issuer metadata specification.
+ *
+ * @param requestObjectEncodedJwt - The Request Object encoded as a JWT.
+ * @param options - Optional parameters for fetching the JWKS.
+ * @param options.context - Optional context providing a custom fetch implementation.
+ * @param options.context.appFetch - A custom fetch function to replace the global `fetch` if provided.
+ * @returns A promise that resolves to an object containing an array of JSON Web Keys (JWKs).
+ * @throws {NoSuitableKeysFoundInEntityConfiguration} Throws an error if JWKS retrieval or key extraction fails.
  */
 export const fetchJwksFromRequestObject: FetchJwks<
   [string, { context?: { appFetch?: GlobalFetch["fetch"] } }?]
 > = async (requestObjectEncodedJwt, { context = {} } = {}) => {
   const { appFetch = fetch } = context;
   const requestObjectJwt = decodeJwt(requestObjectEncodedJwt);
+  const jwks: JWK[] = [];
 
   // 1. check if request object jwt contains the 'jwk' attribute
   if (requestObjectJwt.protectedHeader?.jwk) {
-    return {
-      keys: [JWK.parse(requestObjectJwt.protectedHeader.jwk)],
-    };
+    const keys = [JWK.parse(requestObjectJwt.protectedHeader.jwk)];
+    jwks.push(...keys);
+  }
+
+  // 2. check if request object jwt contains the 'x5c' attribute
+  if (requestObjectJwt.protectedHeader.x5c) {
+    const keys = await getJwksFromX509Cert(
+      requestObjectJwt.protectedHeader.x5c
+    );
+    jwks.push(...keys);
+  }
+
+  // 3. check if client_metadata contains the 'jwks' or 'jwks_uri' attribute
+  const requestObject = RequestObject.parse(requestObjectJwt.payload);
+  const { client_metadata } = requestObject;
+
+  if (client_metadata?.jwks_uri) {
+    const fetchedJwks = await fetchJwksFromUri(
+      new URL(client_metadata.jwks_uri).toString(),
+      appFetch
+    );
+    jwks.push(...fetchedJwks);
+  }
+
+  if (client_metadata?.jwks) {
+    jwks.push(...client_metadata.jwks.keys);
+  }
+
+  // 3. According to Potential profile, retrieve from RP endpoint using iss claim
+  const issuer = requestObjectJwt.payload?.iss;
+  if (jwks.length === 0 && typeof issuer === "string") {
+    const wellKnownJwksUrl = constructWellKnownJwksUrl(issuer);
+    const jwksKeys = await fetchJwksFromUri(wellKnownJwksUrl, appFetch);
+    jwks.push(...jwksKeys);
   }
 
-  // 2. According to Potential profile, retrieve from RP endpoint using iss claim
-  const issClaimValue = requestObjectJwt.payload?.iss as string;
-  if (issClaimValue) {
-    const issUrl = new URL(issClaimValue);
-    const wellKnownUrl = new URL(
-      `/.well-known/jar-issuer${issUrl.pathname}`,
-      `${issUrl.protocol}//${issUrl.host}`
-    ).toString();
-
-    // Fetches the JWKS from a specific endpoint of the entity's well-known configuration
-    const jwks = await appFetch(wellKnownUrl, {
-      method: "GET",
-    })
-      .then(hasStatusOrThrow(200))
-      .then((raw) => raw.json())
-      .then((json) => JWKS.parse(json.jwks));
-
-    return {
-      keys: jwks.keys,
-    };
+  if (jwks.length === 0) {
+    throw new NoSuitableKeysFoundInEntityConfiguration(
+      "Request Object signature verification"
+    );
   }
 
-  throw new NoSuitableKeysFoundInEntityConfiguration(
-    "Request Object signature verification"
-  );
+  return { keys: jwks };
 };
 
 /**

package/src/credential/presentation/05-verify-request-object.ts

@@ -15,9 +15,10 @@ export const verifyRequestObjectSignature: VerifyRequestObjectSignature =
     const requestObjectJwt = decodeJwt(requestObjectEncodedJwt);
 
     // verify token signature to ensure the request object is authentic
-    const pubKey = jwkKeys?.find(
-      ({ kid }) => kid === requestObjectJwt.protectedHeader.kid
-    );
+    const pubKey =
+      jwkKeys?.find(
+        ({ kid }) => kid === requestObjectJwt.protectedHeader.kid
+      ) || jwkKeys?.find(({ use }) => use === "sig");
 
     if (!pubKey) {
       throw new UnverifiedEntityError("Request Object signature verification!");

package/src/credential/presentation/07-evaluate-input-descriptor.ts

@@ -9,6 +9,7 @@ const INDEX_CLAIM_NAME = 1;
 export type EvaluatedDisclosures = {
   requiredDisclosures: DisclosureWithEncoded[];
   optionalDisclosures: DisclosureWithEncoded[];
+  unrequestedDisclosures: DisclosureWithEncoded[];
 };
 
 export type EvaluateInputDescriptorSdJwt4VC = (
@@ -99,8 +100,8 @@ const extractClaimName = (path: string): string | undefined => {
  * - Validates whether required fields are present (unless marked optional)
  *   and match any specified JSONPath.
  * - If a field includes a JSON Schema filter, validates the claim value against that schema.
- * - Enforces `limit_disclosure` rules by returning only disclosures matching the specified fields
- *   if set to "required". Otherwise return the array of all disclosures.
+ * - Enforces `limit_disclosure` rules by returning only disclosures, required and optional, matching the specified fields
+ *   if set to "required". Otherwise also return the array unrequestedDisclosures with disclosures which can be passed for a particular use case.
  * - Throws an error if a required field is invalid or missing.
  *
  * @param inputDescriptor - Describes constraints (fields, filters, etc.) that must be satisfied.
@@ -115,7 +116,8 @@ export const evaluateInputDescriptorForSdJwt4VC: EvaluateInputDescriptorSdJwt4VC
       // No validation, all field are optional
       return {
         requiredDisclosures: [],
-        optionalDisclosures: disclosures,
+        optionalDisclosures: [],
+        unrequestedDisclosures: disclosures,
       };
     }
     const requiredClaimNames: string[] = [];
@@ -182,9 +184,6 @@ export const evaluateInputDescriptorForSdJwt4VC: EvaluateInputDescriptorSdJwt4VC
     }
 
     // Categorizes disclosures into required and optional based on claim names and disclosure constraints.
-    const isNotLimitDisclosure = !(
-      inputDescriptor.constraints.limit_disclosure === "required"
-    );
 
     const requiredDisclosures = disclosures.filter((disclosure) =>
       requiredClaimNames.includes(disclosure.decoded[INDEX_CLAIM_NAME])
@@ -197,8 +196,23 @@ export const evaluateInputDescriptorForSdJwt4VC: EvaluateInputDescriptorSdJwt4VC
           !requiredClaimNames.includes(disclosure.decoded[INDEX_CLAIM_NAME]))
     );
 
+    const isNotLimitDisclosure = !(
+      inputDescriptor.constraints.limit_disclosure === "required"
+    );
+
+    const unrequestedDisclosures = isNotLimitDisclosure
+      ? disclosures.filter(
+          (disclosure) =>
+            !optionalClaimNames.includes(
+              disclosure.decoded[INDEX_CLAIM_NAME]
+            ) &&
+            !requiredClaimNames.includes(disclosure.decoded[INDEX_CLAIM_NAME])
+        )
+      : [];
+
     return {
       requiredDisclosures,
       optionalDisclosures,
+      unrequestedDisclosures,
     };
   };

package/src/credential/presentation/08-send-authorization-response.ts

@@ -6,12 +6,12 @@ import {
 import uuid from "react-native-uuid";
 import type { FetchJwks } from "./04-retrieve-rp-jwks";
 import type { VerifyRequestObjectSignature } from "./05-verify-request-object";
-import type { JWK } from "@pagopa/io-react-native-jwt/lib/typescript/types";
 import { NoSuitableKeysFoundInEntityConfiguration } from "./errors";
 import { hasStatusOrThrow, type Out } from "../../utils/misc";
 import { disclose } from "../../sd-jwt";
 import { PresentationDefinition, type Presentation } from "./types";
 import * as z from "zod";
+import type { JWK } from "../../utils/jwk";
 
 export type AuthorizationResponse = z.infer<typeof AuthorizationResponse>;
 export const AuthorizationResponse = z.object({
@@ -27,27 +27,25 @@ export const AuthorizationResponse = z.object({
 });
 
 /**
- * Selects an RSA public key (with `use = enc` and `kty = RSA`) from the set of JWK keys
+ * Selects a public key (with `use = enc`) from the set of JWK keys
  * offered by the Relying Party (RP) for encryption.
  *
  * @param rpJwkKeys - The array of JWKs retrieved from the RP entity configuration.
- * @returns The first suitable RSA public key found in the list.
- * @throws {NoSuitableKeysFoundInEntityConfiguration} If no suitable RSA encryption key is found.
+ * @returns The first suitable public key found in the list.
+ * @throws {NoSuitableKeysFoundInEntityConfiguration} If no suitable encryption key is found.
  */
-export const chooseRSAPublicKeyToEncrypt = (
+export const choosePublicKeyToEncrypt = (
   rpJwkKeys: Out<FetchJwks>["keys"]
 ): JWK => {
-  const [rsaEncKey] = rpJwkKeys.filter(
-    (jwk) => jwk.use === "enc" && jwk.kty === "RSA"
-  );
+  const [encKey] = rpJwkKeys.filter((jwk) => jwk.use === "enc");
 
-  if (rsaEncKey) {
-    return rsaEncKey;
+  if (encKey) {
+    return encKey;
   }
 
   // No suitable key found
   throw new NoSuitableKeysFoundInEntityConfiguration(
-    "No suitable RSA public key found for encryption."
+    "No suitable public key found for encryption."
   );
 };
 
@@ -169,17 +167,27 @@ export const buildDirectPostJwtBody = async (
   });
 
   // Choose a suitable RSA public key for encryption
-  const rsaPublicJwk = chooseRSAPublicKeyToEncrypt(jwkKeys);
+  const encPublicJwk = choosePublicKeyToEncrypt(jwkKeys);
 
   // Encrypt the authorization payload
+  const { client_metadata } = requestObject;
   const encryptedResponse = await new EncryptJwe(authzResponsePayload, {
-    alg: "RSA-OAEP-256",
-    enc: "A256CBC-HS512",
-    kid: rsaPublicJwk.kid,
-  }).encrypt(rsaPublicJwk);
+    alg:
+      (client_metadata?.authorization_encrypted_response_alg as
+        | "RSA-OAEP-256"
+        | "RSA-OAEP") || "RSA-OAEP-256",
+    enc:
+      (client_metadata?.authorization_encrypted_response_enc as
+        | "A256CBC-HS512"
+        | "A128CBC-HS256") || "A256CBC-HS512",
+    kid: encPublicJwk.kid,
+  }).encrypt(encPublicJwk);
 
   // Build the x-www-form-urlencoded form body
-  const formBody = new URLSearchParams({ response: encryptedResponse });
+  const formBody = new URLSearchParams({
+    response: encryptedResponse,
+    state: requestObject.state,
+  });
   return formBody.toString();
 };
 

package/src/credential/presentation/README.md

@@ -29,8 +29,8 @@ sequenceDiagram
   <summary>Remote Presentation flow</summary>
 
 ```ts
-// Scan e retrive qr-code
-const qrcode = ...
+// Scan e retrive qr-code, decode it and get its parameters
+const {requestUri, clientId} = ...
 
 // Retrieve the integrity key tag from the store and create its context
 const integrityKeyTag = "example"; // Let's assume this is the key tag used to create the wallet instance
@@ -55,7 +55,7 @@ const walletInstanceAttestation =
   });
 
 // Start the issuance flow
-const { requestURI, clientId } = Credential.Presentation.startFlowFromQR(qrcode);
+const { requestURI, clientId } = Credential.Presentation.startFlowFromQR(requestUri, clientId);
 
 // If use trust federation: Evaluate issuer trust
 const { rpConf } = await Credential.Presentation.evaluateRelyingPartyTrust(clientId);
@@ -111,4 +111,4 @@ const { presentationDefinition } = await Credential.Presentation.fetchPresentDef
 
 ```
 
-</details>
+</details>

package/src/credential/presentation/errors.ts

@@ -40,22 +40,6 @@ export class NoSuitableKeysFoundInEntityConfiguration extends IoWalletError {
   }
 }
 
-/**
- * When a QR code is not valid.
- *
- */
-export class InvalidQRCodeError extends IoWalletError {
-  code = "ERR_INVALID_QR_CODE";
-
-  /**
-   * @param detail A description of why the QR code is considered invalid.
-   */
-  constructor(detail: string) {
-    const message = `QR code is not valid: ${detail}.`;
-    super(message);
-  }
-}
-
 /**
  * When the entity is unverified because the Relying Party is not trusted.
  *

package/src/credential/presentation/types.ts

@@ -1,6 +1,7 @@
 import type { CryptoContext } from "@pagopa/io-react-native-jwt";
 import { UnixTime } from "../../sd-jwt/types";
 import * as z from "zod";
+import { JWKS } from "../../utils/jwk";
 
 /**
  * A pair that associate a tokenized Verified Credential with the claims presented or requested to present.
@@ -77,7 +78,15 @@ export const RequestObject = z.object({
   response_type: z.literal("vp_token"),
   response_mode: z.enum(["direct_post.jwt", "direct_post"]),
   client_id: z.string(),
-  client_id_scheme: z.string(), // previous z.literal("entity_id"),
+  client_id_scheme: z.string().optional(), // previous z.literal("entity_id"),
+  client_metadata: z
+    .object({
+      authorization_encrypted_response_alg: z.string().optional(),
+      authorization_encrypted_response_enc: z.string().optional(),
+      jwks_uri: z.string().optional(),
+      jwks: JWKS.optional(),
+    })
+    .optional(), // previous z.literal("entity_id"),
   scope: z.string().optional(),
   presentation_definition: PresentationDefinition.optional(),
 });

package/src/entity/trust/chain.ts

@@ -7,10 +7,9 @@ import {
   EntityStatement,
   TrustAnchorEntityConfiguration,
 } from "./types";
-import { JWK } from "../../utils/jwk";
+import { JWK, type JWTDecodeResult } from "../../utils/jwk";
 import { IoWalletError } from "../../utils/errors";
 import * as z from "zod";
-import type { JWTDecodeResult } from "@pagopa/io-react-native-jwt/lib/typescript/types";
 import { getSignedEntityConfiguration, getSignedEntityStatement } from ".";
 
 type ParsedToken = {

package/src/utils/crypto.ts

@@ -7,6 +7,8 @@ import {
 import uuid from "react-native-uuid";
 import { thumbprint, type CryptoContext } from "@pagopa/io-react-native-jwt";
 import { fixBase64EncodingOnKey } from "./jwk";
+import { X509, KEYUTIL, RSAKey, KJUR } from "jsrsasign";
+import { JWK } from "./jwk";
 
 /**
  * Create a CryptoContext bound to a key pair.
@@ -63,3 +65,44 @@ export const withEphemeralKey = async <R>(
   const ephemeralContext = createCryptoContextFor(keytag);
   return fn(ephemeralContext).finally(() => deleteKey(keytag));
 };
+
+/**
+ * Converts a certificate string to PEM format.
+ *
+ * @param certificate - The certificate string.
+ * @returns The PEM-formatted certificate.
+ */
+export const convertCertToPem = (certificate: string): string =>
+  `-----BEGIN CERTIFICATE-----\n${certificate}\n-----END CERTIFICATE-----`;
+
+/**
+ * Parses the public key from a PEM-formatted certificate.
+ *
+ * @param pemCert - The PEM-formatted certificate.
+ * @returns The public key object.
+ * @throws Will throw an error if the public key is unsupported.
+ */
+export const parsePublicKey = (
+  pemCert: string
+): RSAKey | KJUR.crypto.ECDSA | undefined => {
+  const x509 = new X509();
+  x509.readCertPEM(pemCert);
+  const publicKey = x509.getPublicKey();
+
+  if (publicKey instanceof RSAKey || publicKey instanceof KJUR.crypto.ECDSA) {
+    return publicKey;
+  }
+
+  return undefined;
+};
+
+/**
+ * Retrieves the signing JWK from the public key.
+ *
+ * @param publicKey - The public key object.
+ * @returns The signing JWK.
+ */
+export const getSigningJwk = (publicKey: RSAKey | KJUR.crypto.ECDSA): JWK => ({
+  ...JWK.parse(KEYUTIL.getJWKFromKey(publicKey)),
+  use: "sig",
+});

package/src/utils/decoder.ts

@@ -1,6 +1,6 @@
 import { decode as decodeJwt } from "@pagopa/io-react-native-jwt";
-import type { JWTDecodeResult } from "@pagopa/io-react-native-jwt/lib/typescript/types";
 import { ValidationFailed } from "./errors";
+import type { JWTDecodeResult } from "./jwk";
 
 /*
  * Decode a form_post.jwt and return the final JWT.

package/src/utils/jwk.ts

@@ -1,4 +1,4 @@
-import { removePadding } from "@pagopa/io-react-native-jwt";
+import { decode, removePadding } from "@pagopa/io-react-native-jwt";
 import { z } from "zod";
 
 export type JWK = z.infer<typeof JWK>;
@@ -63,3 +63,5 @@ export type JWKS = z.infer<typeof JWKS>;
 export const JWKS = z.object({
   keys: z.array(JWK),
 });
+
+export type JWTDecodeResult = ReturnType<typeof decode>;